<?php
/**
 * Author Yulin
 * Email  dwzhanglong@126.com
 * Date   2016-6-27
 * Func   修改密码
 */
defined('IN_YuLin') || exit('NO PERMIT!');

if(IS_POST)
{
    $oldpassword = trim($_POST['oldpassword']);
    !$oldpassword && AjaxReturn(1,'旧密码不能为空');
    (Password($oldpassword) != $_Y['user']['password']) && AjaxReturn(1,'旧密码不正确');
    
    //  新密码
    $newpassword = trim($_POST['newpassword']);
    $newpassword2 = trim($_POST['newpassword2']);
    !$newpassword && AjaxReturn(1,'新密码不能为空');
    ($newpassword != $newpassword2) && AjaxReturn(1,'确认密码不正确');
    
    $newpassword = Password($newpassword);
    $db->exec('UPDATE '.Table('user').' SET password = \''.$newpassword.'\' WHERE id = '.$_uid);
    
    //  更新当前登录密码
    $_SESSION['agent']['password'] = $newpassword;
    
	AjaxReturn(0,'修改密码成功');
    //ShowMsg('修改密码成功',U($m.'/'.$c));
}

$tpl->display('index/password');

?>